Method and apparatus for implementing digital rights management

ABSTRACT

A method and apparatus is provided for providing digital content to a client. The method begins by receiving a request from the client to receive digital content. The client is authorized to receive the digital content and the DRM implementation employed by the client is determined. The digital content is then provided to the client in conformance with the DRM implementation employed by the client.

FIELD OF THE INVENTION

The present invention relates generally to the management of digital information, and more particularly to a method and apparatus for providing and accessing digital information protected by different digital rights management technologies.

BACKGROUND OF THE INVENTION

Computers store, share and manipulate digital information that can be replicated accurately and shared widely among many computer systems. Computers share or receive digital information in a variety contexts. For example, digital information can be stored, exchanged and delivered by way of magnetic (floppy diskette) or optical (CD-ROM) storage devices. Computers operating in network environments pass digital information back and forth freely and often in great volume. In fact, more and more content is being delivered in digital form, and more and more digital content is being delivered online over private and public networks, such as Intranets, the Internet and cable TV networks. Wide-spread replication and distribution of digital products supports new methods of digital product manufacturing and distribution. That is, digitally stored items can be copied and distributed electronically outside the traditional methods of product manufacture and distribution.

For a user or client, a digital format allows more sophisticated content, while online delivery improves timeliness and convenience. For a publisher, digital content also reduces delivery costs. Unfortunately, these worthwhile attributes are often outweighed in the minds of publishers by the corresponding disadvantage that online information delivery makes it relatively easy to obtain pristine digital content and to pirate the content at the expense and harm of the publisher. Accordingly, the digital nature of these works, makes it imperative that they be secured against unauthorized copying. With no generation loss and the relative ease with which digital files may be copied and distributed, even a single unprotected copy could spawn a multitude of pirated versions, significantly reducing the demand for authorized copies.

If digital content such as digitized audio tracks, literary works in digital form, or digital images and videos could be securely distributed to consumers, then an entirely new market for these works could be created. For example, rather than purchasing music albums from a local retail outlet, consumers could download the digital data across the Internet and then write this data to their local CD-R, thus creating their own compact disks. Similarly, rather than renting a video tape from a local video retailer, consumers could download the digital version and then play it locally on their computer screens or televisions.

To address this need, Digital Rights Management (DRM) systems have recently been developed to restrict the use of digital files in order to protect the interests of content providers. DRM technologies can control file access (number of views, length of views), as well as the ability to alter, share, copy, print, and save files. These technologies may be contained within the operating system, program software, or in the actual hardware of a device. DRM systems may also be referred to as “Content Management Systems” (CMS), “Content/Copy Protection for Removable Media” (CPRM) or sometimes as “technological measures.”

DRM systems generally use two approaches to securing digital content. The first is containment, in which the content is encrypted so that it can only be accessed by authorized users. The second is marking, in which a watermark or other tag is placed on the digital content as a signal to a user-device that the content is copy-protected. DRM technologies may use one or both of these approaches. In addition to security technology, DRM systems often include technology for packaging, distributing and rendering (e.g., displaying, playing and printing) the digital content.

While DRM standardization is now being pursued by a number of organizations such as the openEBook Forum, the MPEG group, the Internet engineering Task Force and the World Wide Web Consortium, currently there is not a core DRM technology that is widely deployed. Rather, it has been necessary to build end-to-end DRM solutions around component technologies, which make the components not very interoperable. For example, it is generally not possible to take Vendor A's encryption-based packaging technology and integrate it with Vendor B's rendering application.

SUMMARY OF THE INVENTION

In accordance with the present invention, a method and apparatus is provided for providing digital content to a client. The method begins by receiving a request from the client to receive digital content. The client is authorized to receive the digital content and the DRM implementation employed by the client is determined. The digital content is then provided to the client in conformance with the DRM implementation employed by the client.

In accordance with one aspect of the invention, the step of providing the digital content includes the step of transmitting the digital content to the client over a computer network. The computer network may be the Internet, for example.

In accordance with another aspect of the invention, the step of providing the digital content includes the step of providing a physical medium to the client in which the digital content is embodied.

In accordance with another aspect of the invention, the digital content is obtained from a content provider prior to transmitting the digital content to the client.

In accordance with another aspect of the invention, a rights package is bundled with the digital content prior to transmitting the digital content to the client.

In accordance with another aspect of the invention, the rights package includes a decryption key for decrypting the digital content.

In accordance with another aspect of the invention, the digital content includes text-based information, audio information, visual information, or any combination thereof.

In accordance with another aspect of the invention, the digital content is transmitted as streaming media.

In accordance with another aspect of the invention, a method is provided for receiving digital content from a content distributor. The method begins by transmitting a request to the content distributor to receive digital content. In addition, information is transmitted that reflects a DRM implementation in which the digital content is to be received. The digital content is received in conformance with the DRM implementation in which the digital content is to be received.

In accordance with another aspect of the invention, a DRM architecture is provided for storing and distributing digital content. The DRM architecture includes a content database for electronically storing the digital content and a DRM packager for distributing to a client the digital content in conformance with a plurality of different DRM implementations.

In accordance with another aspect of the invention, a method is provided for providing digital content to a client. The method begins by receiving a request from the client to receive digital content. The client is authorized to receive the digital content. A universal DRM layer is added to the digital content. The universal DRM layer is able to access digital content in conformance with a plurality of different DRM implementations. The digital content is in conformance with one of the plurality of different DRM implementations. The digital content is provided to the client in conformance with the universal DRM layer.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows an overview of a generalized DRM architecture that encompasses a content provider and a client.

FIG. 2 is a flow-chart illustrating an exemplary sequence of steps employed by the content provider for providing digital content to a client in accordance with the present invention.

DETAILED DESCRIPTION

The present inventor has recognized that the problems arising from the incompatibility of different DRM technologies can be alleviated by making digital content available in multiple DRM formats. Upon a user's request, the digital content can be provided to the user in conformance with the particular DRM format employed by the user. Accordingly, compatibility between the DRM technology employed by the content provider and the DRM technology employed by the user or client becomes less of a problem, provided that the user's DRM technology matches one of the formats used by the content provider.

At the outset, a high level view of a generalized DRM architecture will be presented to facilitate an understanding of the present invention. Most vendor-specific DRM implementations can be described in terms of this generalized architecture. As shown in FIG. 1, the major components of the DRM architecture are the content server 110, the license server 130, and the client 120.

Turning first to the content server 110, it includes a content repository 112 in which the actual content to be licensed is stored. The content server 110 also includes a product database 114 that stores information describing the content to be licensed, such as marketing information, catalogues, and prices. Finally, a DRM packager 116 is incorporated into the content server 110 to prepare the content for distribution. In particular, the DRM packager 116 may encrypt the content, possibly make it tamper-proof, and possibly add a watermark. The DRM packager 116 also creates a description of the rights that the content provider is willing to allow the user to exercise with respect to the content. In the simplest case the DRM packager 116 bundles the rights with the content and sends it to the user. In more flexible arrangements the content package is kept separate from the rights, with the rights being embodied in a separate license. This arrangement is particularly useful in connection with streaming media, which cannot be bundled with the content package. The DRM packager 116 may also create encryption keys to authenticate the user and decrypt the content. While in FIG. 1 the DRM packager 116 is associated with the content server 110, it should be noted that in general the content may be prepared at any point along the distribution chain. For example, DRM packager 116 may be associated with a clearinghouse that prepares content for a wide variety of different content providers.

Assuming for generality that the content package and the license are distinct, the DRM packager 116 sends the rights specification and encryption keys that it has created to the license server 130 where, in FIG. 1, they are stored in a rights database 132 and an encryption key database 134, respectively. The license server 130 may also include an identities database 136 for storing the information about the users who are entitled to exercise rights with respect to the content. A license generator 138 is employed to create the license using the information in the rights, encryption keys, and identities databases.

The client 120 refers either to the user, the device, e.g., a personal computer or PDA, or both the user and device, that is requesting the content from the content server. For the purposes of digital rights management, the primary component residing in the client 120 is the DRM controller 122, which provides the identity information to, and obtains the license from, the license server. Once the license has been obtained, the DRM controller 122 retrieves the encryption keys from the license, decrypts the content package and releases the content to a rendering application 124. The rendering application 124 is generally software residing in the client device that is used to view, play, print or otherwise exercise the rights with respect to the content. The DRM controller 122 may be software that is incorporated into the rendering application, software that is independent of the rendering application, or it even may be a dedicated hardware element. In some cases the DRM controller 122 is embodied in a plug-in for a rendering application, which is currently the case for Adobe Acrobat Reader, for example.

One example of a sequence of steps that may be used to acquire content and exercise rights with respect to that content using the architecture depicted in FIG. I is as follows. Generally, the user begins the process by obtaining a content package in any of a variety of ways, such as by downloading it over the Internet or reading it from physical media such as a CD-ROM. Next, the user makes a request to exercise rights on the content package. The request may be made through the rendering application 124 or some other interface, which in turn instructs the DRM controller 122 to gather the information required by the license server to generate a license. Such information generally includes identity information pertaining to the user and client device and/or information from the content package such as a content identifier. The DRM controller 122 forwards the information to the license server 130. In the license server 130, the license generator 138 authenticates the user's identity in its identities database 136 and gathers rights information from the user's license request. The license server 130 may also initiate a financial transaction with the user or, alternatively, may ensure that such a transaction has already been completed. The license generator 138 creates a license using the rights information, client identity information, and the encryption keys. The license generator 138 forwards the license to the client, which in turn decrypts the content and forwards it to the rendering application 124.

The number of vendors currently providing DRM implementations that conform to the architecture depicted in FIG. 1 is so great that for purposes of brevity only a few of them will be mentioned herein. As one example, the Media Commerce Suite is a DRM implementation available from RealNetworks that is suitable for streaming media formats such as RealAudio, RealVideo, and Windows Media. In this implementation the user downloads the Media Commerce Upgrade software, which is an add-on to a streaming media application such as RealPlayer and Windows Media Player. In terms of the FIG. 1 architecture, the Media Commerce Upgrade software serves as the DRM controller. The RealSystem License Server corresponds to license server 130 in FIG. 1 and accepts purchase requests and creates licenses for users. Another DRM implementation suitable for streaming media formats is provided by Liquid Audio, Inc. Liquid Audio supports not only Windows- and Macintosh-based client devices, but also portable devices available from vendors such as Sony, Sanyo, Palm and Toshiba. Similar to RealNetworks, Liquid Audio operates with RealAudio and Windows Media. Sony Corporation provides a variety of DRM implementations such as Open MG X, for example. Open MG X includes three distinct software modules. One module adds digital rights management information to the digital content, another module distributes the digital rights management information to the client, and a third client module is provided for developing application software that is compatible with Open MG X.

While the aforementioned DRM implementations are illustrative of those available for providing music and streaming media, other DRM implementations are designed for text- and image-based content. For example, Adobe Systems provides Adobe Content Server, which provides a DRM implementation for Adobe's own text and image application, eBook Reader. Other vendors such as InterTrust provide a DRM implementation for another text and image application provided by Adobe Systems, Acrobat Reader. InterTrust supplies a plug-in for Acrobat Reader, DocBox, which serves as the DRM controller for this implementation.

While many of the previously mentioned DRM vendors provide end-to-end DRM systems for content providers, it should be noted that not all the functional elements of such a system as depicted in FIG. 1 necessarily need to be provided by the same vendor. That is, security technology such as encryption and authentication, and technology for packaging, distributing and rendering (e.g., displaying, playing and printing) may each be provided by a different vendor. Unfortunately, as previously mentioned, if different functional elements are provided by different vendors employing various proprietary DRM technologies, the client may not be able to render the digital content in a usable manner.

To overcome this limitation, in accordance with the present invention, the DRM packager 116 prepares the content in conformity with a number of different DRM implementations. That is, the DRM packager 116 can encrypt the content and format the license so that it can be decrypted by various DRM controllers 122 that operate in accordance with different DRM implementations. In this way the client 120 is not required to have the hardware or software required by the single vendor-specific DRM implementation that is used by a given content provider.

FIG. 2 is flow-chart illustrating an exemplary sequence of steps employed by the content provider for providing digital content to a client in accordance with the present invention. In step 200, the content server 110 seen in FIG. 1 receives a request from the client 120 to receive digital content. Based on information received from the client 120, the DRM packager 112 in step 210 determines the particular DRM implementation that the client employs and forwards the appropriate content package to the client in accordance with that particular DRM implementation. In step 220 the DRM packager 116 provides to the license server 130 the information necessary to generate a license. In step 230 the license server 130 generates and forwards the license to the client 120, along with any necessary encryption keys, in the format required by the client's DRM controller 122 so that the content can be decrypted and made available to the rendering application 124.

In an alternative embodiment of the invention, instead of preparing the content in conformity with different DRM implementations, the DRM packager 116 may add a layer on top of the content package prepared by the individual DRM implementations. The additional layer can access the content by a variety of means, such as with a universal key, for example, that can decrypt content from many different DRM technologies. In this way the client only needs to have a DRM controller that is compatible with this higher-level, universal DRM implementation rather than with the individual, underlying DRM implementations. 

1. A method of providing digital content to a client, said method comprising the steps of: receiving a request at a content server from the client to receive digital content; authorizing the client to receive the digital content; determining a DRM implementation employed by the client; encrypting the digital content with a DRM packager at the content server based upon the determination made in said determining step, tamper-proofing or watermarking the digital content with the DRM packager, and providing the digital content from the content server directly to the client in conformance with said DRM implementation employed by the client.
 2. The method of claim 1 wherein the step of providing the digital content includes the step of transmitting the digital content to the client over a computer network.
 3. The method of claim 2 wherein the computer network is the Internet.
 4. The method of claim 1 wherein the step of providing the digital content includes the step of providing a physical medium to the client in which the digital content is embodied.
 5. The method of claim 2 further comprising the step of obtaining the digital content from a content provider prior to transmitting the digital content to the client.
 6. The method of claim 2 further comprising the step of bundling a rights package with the digital content prior to transmitting the digital content to the client.
 7. The method of claim 2 further comprising the step of transmitting a rights package to the client.
 8. The method of claim 6 wherein the rights package includes a decryption key for decrypting the digital content.
 9. The method of claim 7 wherein the rights package includes a decryption key for decrypting the digital content.
 10. The method of claim 1 wherein the digital content includes text-based information.
 11. The method of claim 1 wherein the digital content includes audio information.
 12. The method of claim 1 wherein the digital content includes visual information.
 13. The method of claim 1 wherein the digital content includes audio and visual information.
 14. The method of claim 2 wherein the step of transmitting the digital content includes the step of transmitting the digital content as streaming media.
 15. A method of receiving digital content from a content distributor, said method comprising the steps of: transmitting a request from a client to the content distributor to receive digital content; transmitting information from the client to the content distributor, the information reflecting a DRM implementation in which the digital content is to be received; and receiving the digital content, at the client from the content distributor, said digital content having been encrypted by a DRM packager and tamper-proofed or watermarked by a DRM packager, in conformance with said DRM implementation in which the digital content is to be received.
 16. The method of claim 15 further comprising the step of decrypting the digital content.
 17. The method of claim 16 further comprising the step of forwarding the digital content to a rendering application.
 18. The method of claim 17 wherein the rendering application performs the step of decrypting the digital content.
 19. The method of claim 15 wherein the transmitting steps are performed over a computer network.
 20. The method of claim 19 wherein the computer network is the Internet.
 21. The method of claim 15 wherein the receiving step includes the step of receiving a rights package bundled with the digital content.
 22. The method of claim 15 wherein the receiving step includes the step of receiving a rights package that is distinct from the digital content.
 23. The method of claim 21 wherein the rights package includes a decryption key for decrypting the digital content.
 24. The method of claim 22 wherein the rights package includes a decryption key for decrypting the digital content.
 25. The method of claim 15 wherein the digital content includes text-based information.
 26. The method of claim 15 wherein the digital content includes audio information.
 27. The method of claim 15 wherein the digital content includes visual information.
 28. The method of claim 15 wherein the digital content includes audio and visual information.
 29. The method of claim 2 wherein the step of receiving the digital content includes the step of receiving the digital content as streaming media.
 30. A method of providing digital content to a client, said method comprising the steps of: receiving a request from the client to receive digital content; authorizing the client to receive the digital content; adding a universal DRM layer to the digital content, said universal DRM layer being able to access digital content in conformance with a plurality of different DRM implementations, said digital content being in conformance with one of said plurality of different DRM implementations; encrypting the digital content with a DRM packager, tamper-proofing or watermarking the digital content with the DRM packager, and providing the digital content to the client in conformance with said universal DRM layer.
 31. The method of claim 30 wherein the step of providing the digital content includes the step of transmitting the digital content to the client over a computer network.
 32. The method of claim 31 wherein the computer network is the Internet.
 33. The method of claim 30 wherein the step of providing the digital content includes the step of providing a physical medium to the client in which the digital content is embodied.
 34. The method of claim 31 further comprising the step of obtaining the digital content from a content provider prior to transmitting the digital content to the client.
 35. The method of claim 31 further comprising the step of bundling a rights package with the digital content prior to transmitting the digital content to the client.
 36. The method of claim 31 further comprising the step of transmitting a rights package to the client.
 37. The method of claim 35 wherein the rights package includes a decryption key for decrypting the digital content.
 38. The method of claim 36 wherein the rights package includes a decryption key for decrypting the digital content.
 39. The method of claim 30 wherein the digital content includes text-based information.
 40. The method of claim 30 wherein the digital content includes audio information.
 41. The method of claim 30 wherein the digital content includes visual information.
 42. The method of claim 30 wherein the digital content includes audio and visual information.
 43. The method of claim 31 wherein the step of transmitting the digital content includes the step of transmitting the digital content as streaming media.
 44. A method of receiving digital content from a content distributor, said method comprising the steps of: transmitting a request from a client to the content distributor to receive digital content; receiving the digital content at the client from the content distributor, the digital content in conformance with a universal DRM implementation that can access digital content in conformance with a plurality of different DRM implementations , the digital content having been encrypted with a DRM packager at the content distributor, and the digital content having been tamper-proofed or watermarked with the DRM packager; and decrypting the digital content at the client with a controller employing the universal DRM implementation.
 45. The method of claim 44 further comprising the step of forwarding the digital content to a rendering application at the client.
 46. The method of claim 45 wherein the rendering application performs the step of decrypting the digital content.
 47. The method of claim 44 wherein the transmitting step is performed over a computer network.
 48. The method of claim 47 wherein the computer network is the Internet.
 49. The method of claim 44 wherein the receiving step includes the step of receiving a rights package bundled with the digital content.
 50. The method of claim 44 wherein the receiving step includes the step of receiving a rights package that is distinct from the digital content.
 51. The method of claim 49 wherein the rights package includes a decryption key for decrypting the digital content.
 52. The method of claim 50 wherein the rights package includes a decryption key for decrypting the digital content.
 53. The method of claim 44 wherein the digital content includes text-based information.
 54. The method of claim 44 wherein the digital content includes audio information.
 55. The method of claim 44 wherein the digital content includes visual information.
 56. The method of claim 44 wherein the digital content includes audio and visual information.
 57. The method of claim 44 wherein the step of receiving the digital content includes the step of receiving the digital content as streaming media. 